strix-agent 0.1.19__py3-none-any.whl → 0.3.1__py3-none-any.whl

strix/interface/utils.py

@@ -0,0 +1,435 @@
+import re
+import secrets
+import shutil
+import subprocess
+import sys
+import tempfile
+from pathlib import Path
+from typing import Any
+from urllib.parse import urlparse
+
+import docker
+from docker.errors import DockerException, ImageNotFound
+from rich.console import Console
+from rich.panel import Panel
+from rich.text import Text
+
+
+# Token formatting utilities
+def format_token_count(count: float) -> str:
+    count = int(count)
+    if count >= 1_000_000:
+        return f"{count / 1_000_000:.1f}M"
+    if count >= 1_000:
+        return f"{count / 1_000:.1f}K"
+    return str(count)
+
+
+# Display utilities
+def get_severity_color(severity: str) -> str:
+    severity_colors = {
+        "critical": "#dc2626",
+        "high": "#ea580c",
+        "medium": "#d97706",
+        "low": "#65a30d",
+        "info": "#0284c7",
+    }
+    return severity_colors.get(severity, "#6b7280")
+
+
+def build_stats_text(tracer: Any) -> Text:
+    stats_text = Text()
+    if not tracer:
+        return stats_text
+
+    vuln_count = len(tracer.vulnerability_reports)
+    tool_count = tracer.get_real_tool_count()
+    agent_count = len(tracer.agents)
+
+    if vuln_count > 0:
+        severity_counts = {"critical": 0, "high": 0, "medium": 0, "low": 0, "info": 0}
+        for report in tracer.vulnerability_reports:
+            severity = report.get("severity", "").lower()
+            if severity in severity_counts:
+                severity_counts[severity] += 1
+
+        stats_text.append("🔍 Vulnerabilities Found: ", style="bold red")
+
+        severity_parts = []
+        for severity in ["critical", "high", "medium", "low", "info"]:
+            count = severity_counts[severity]
+            if count > 0:
+                severity_color = get_severity_color(severity)
+                severity_text = Text()
+                severity_text.append(f"{severity.upper()}: ", style=severity_color)
+                severity_text.append(str(count), style=f"bold {severity_color}")
+                severity_parts.append(severity_text)
+
+        for i, part in enumerate(severity_parts):
+            stats_text.append(part)
+            if i < len(severity_parts) - 1:
+                stats_text.append(" | ", style="dim white")
+
+        stats_text.append(" (Total: ", style="dim white")
+        stats_text.append(str(vuln_count), style="bold yellow")
+        stats_text.append(")", style="dim white")
+        stats_text.append("\n")
+    else:
+        stats_text.append("🔍 Vulnerabilities Found: ", style="bold green")
+        stats_text.append("0", style="bold white")
+        stats_text.append(" (No exploitable vulnerabilities detected)", style="dim green")
+        stats_text.append("\n")
+
+    stats_text.append("🤖 Agents Used: ", style="bold cyan")
+    stats_text.append(str(agent_count), style="bold white")
+    stats_text.append(" • ", style="dim white")
+    stats_text.append("🛠️ Tools Called: ", style="bold cyan")
+    stats_text.append(str(tool_count), style="bold white")
+
+    return stats_text
+
+
+def build_llm_stats_text(tracer: Any) -> Text:
+    llm_stats_text = Text()
+    if not tracer:
+        return llm_stats_text
+
+    llm_stats = tracer.get_total_llm_stats()
+    total_stats = llm_stats["total"]
+
+    if total_stats["requests"] > 0:
+        llm_stats_text.append("📥 Input Tokens: ", style="bold cyan")
+        llm_stats_text.append(format_token_count(total_stats["input_tokens"]), style="bold white")
+
+        if total_stats["cached_tokens"] > 0:
+            llm_stats_text.append(" • ", style="dim white")
+            llm_stats_text.append("⚡ Cached: ", style="bold green")
+            llm_stats_text.append(
+                format_token_count(total_stats["cached_tokens"]), style="bold green"
+            )
+
+        llm_stats_text.append(" • ", style="dim white")
+        llm_stats_text.append("📤 Output Tokens: ", style="bold cyan")
+        llm_stats_text.append(format_token_count(total_stats["output_tokens"]), style="bold white")
+
+        if total_stats["cost"] > 0:
+            llm_stats_text.append(" • ", style="dim white")
+            llm_stats_text.append("💰 Total Cost: $", style="bold cyan")
+            llm_stats_text.append(f"{total_stats['cost']:.4f}", style="bold yellow")
+
+    return llm_stats_text
+
+
+# Name generation utilities
+def generate_run_name() -> str:
+    # fmt: off
+    adjectives = [
+        "stealthy", "sneaky", "crafty", "elite", "phantom", "shadow", "silent",
+        "rogue", "covert", "ninja", "ghost", "cyber", "digital", "binary",
+        "encrypted", "obfuscated", "masked", "cloaked", "invisible", "anonymous"
+    ]
+    nouns = [
+        "exploit", "payload", "backdoor", "rootkit", "keylogger", "botnet", "trojan",
+        "worm", "virus", "packet", "buffer", "shell", "daemon", "spider", "crawler",
+        "scanner", "sniffer", "honeypot", "firewall", "breach"
+    ]
+    # fmt: on
+    adj = secrets.choice(adjectives)
+    noun = secrets.choice(nouns)
+    number = secrets.randbelow(900) + 100
+    return f"{adj}-{noun}-{number}"
+
+
+# Target processing utilities
+def infer_target_type(target: str) -> tuple[str, dict[str, str]]:
+    if not target or not isinstance(target, str):
+        raise ValueError("Target must be a non-empty string")
+
+    target = target.strip()
+
+    lower_target = target.lower()
+    bare_repo_prefixes = (
+        "github.com/",
+        "www.github.com/",
+        "gitlab.com/",
+        "www.gitlab.com/",
+        "bitbucket.org/",
+        "www.bitbucket.org/",
+    )
+    if any(lower_target.startswith(p) for p in bare_repo_prefixes):
+        return "repository", {"target_repo": f"https://{target}"}
+
+    parsed = urlparse(target)
+    if parsed.scheme in ("http", "https"):
+        if any(
+            host in parsed.netloc.lower() for host in ["github.com", "gitlab.com", "bitbucket.org"]
+        ):
+            return "repository", {"target_repo": target}
+        return "web_application", {"target_url": target}
+
+    path = Path(target).expanduser()
+    try:
+        if path.exists():
+            if path.is_dir():
+                resolved = path.resolve()
+                return "local_code", {"target_path": str(resolved)}
+            raise ValueError(f"Path exists but is not a directory: {target}")
+    except (OSError, RuntimeError) as e:
+        raise ValueError(f"Invalid path: {target} - {e!s}") from e
+
+    if target.startswith("git@") or target.endswith(".git"):
+        return "repository", {"target_repo": target}
+
+    if "." in target and "/" not in target and not target.startswith("."):
+        parts = target.split(".")
+        if len(parts) >= 2 and all(p and p.strip() for p in parts):
+            return "web_application", {"target_url": f"https://{target}"}
+
+    raise ValueError(
+        f"Invalid target: {target}\n"
+        "Target must be one of:\n"
+        "- A valid URL (http:// or https://)\n"
+        "- A Git repository URL (https://github.com/... or git@github.com:...)\n"
+        "- A local directory path\n"
+        "- A domain name (e.g., example.com)"
+    )
+
+
+def sanitize_name(name: str) -> str:
+    sanitized = re.sub(r"[^A-Za-z0-9._-]", "-", name.strip())
+    return sanitized or "target"
+
+
+def derive_repo_base_name(repo_url: str) -> str:
+    if repo_url.endswith("/"):
+        repo_url = repo_url[:-1]
+
+    if ":" in repo_url and repo_url.startswith("git@"):
+        path_part = repo_url.split(":", 1)[1]
+    else:
+        path_part = urlparse(repo_url).path or repo_url
+
+    candidate = path_part.split("/")[-1]
+    if candidate.endswith(".git"):
+        candidate = candidate[:-4]
+
+    return sanitize_name(candidate or "repository")
+
+
+def derive_local_base_name(path_str: str) -> str:
+    try:
+        base = Path(path_str).resolve().name
+    except (OSError, RuntimeError):
+        base = Path(path_str).name
+    return sanitize_name(base or "workspace")
+
+
+def assign_workspace_subdirs(targets_info: list[dict[str, Any]]) -> None:
+    name_counts: dict[str, int] = {}
+
+    for target in targets_info:
+        target_type = target["type"]
+        details = target["details"]
+
+        base_name: str | None = None
+        if target_type == "repository":
+            base_name = derive_repo_base_name(details["target_repo"])
+        elif target_type == "local_code":
+            base_name = derive_local_base_name(details.get("target_path", "local"))
+
+        if base_name is None:
+            continue
+
+        count = name_counts.get(base_name, 0) + 1
+        name_counts[base_name] = count
+
+        workspace_subdir = base_name if count == 1 else f"{base_name}-{count}"
+
+        details["workspace_subdir"] = workspace_subdir
+
+
+def collect_local_sources(targets_info: list[dict[str, Any]]) -> list[dict[str, str]]:
+    local_sources: list[dict[str, str]] = []
+
+    for target_info in targets_info:
+        details = target_info["details"]
+        workspace_subdir = details.get("workspace_subdir")
+
+        if target_info["type"] == "local_code" and "target_path" in details:
+            local_sources.append(
+                {
+                    "source_path": details["target_path"],
+                    "workspace_subdir": workspace_subdir,
+                }
+            )
+
+        elif target_info["type"] == "repository" and "cloned_repo_path" in details:
+            local_sources.append(
+                {
+                    "source_path": details["cloned_repo_path"],
+                    "workspace_subdir": workspace_subdir,
+                }
+            )
+
+    return local_sources
+
+
+# Repository utilities
+def clone_repository(repo_url: str, run_name: str, dest_name: str | None = None) -> str:
+    console = Console()
+
+    git_executable = shutil.which("git")
+    if git_executable is None:
+        raise FileNotFoundError("Git executable not found in PATH")
+
+    temp_dir = Path(tempfile.gettempdir()) / "strix_repos" / run_name
+    temp_dir.mkdir(parents=True, exist_ok=True)
+
+    if dest_name:
+        repo_name = dest_name
+    else:
+        repo_name = Path(repo_url).stem if repo_url.endswith(".git") else Path(repo_url).name
+
+    clone_path = temp_dir / repo_name
+
+    if clone_path.exists():
+        shutil.rmtree(clone_path)
+
+    try:
+        with console.status(f"[bold cyan]Cloning repository {repo_url}...", spinner="dots"):
+            subprocess.run(  # noqa: S603
+                [
+                    git_executable,
+                    "clone",
+                    repo_url,
+                    str(clone_path),
+                ],
+                capture_output=True,
+                text=True,
+                check=True,
+            )
+
+        return str(clone_path.absolute())
+
+    except subprocess.CalledProcessError as e:
+        error_text = Text()
+        error_text.append("❌ ", style="bold red")
+        error_text.append("REPOSITORY CLONE FAILED", style="bold red")
+        error_text.append("\n\n", style="white")
+        error_text.append(f"Could not clone repository: {repo_url}\n", style="white")
+        error_text.append(
+            f"Error: {e.stderr if hasattr(e, 'stderr') and e.stderr else str(e)}", style="dim red"
+        )
+
+        panel = Panel(
+            error_text,
+            title="[bold red]🛡️  STRIX CLONE ERROR",
+            title_align="center",
+            border_style="red",
+            padding=(1, 2),
+        )
+        console.print("\n")
+        console.print(panel)
+        console.print()
+        sys.exit(1)
+    except FileNotFoundError:
+        error_text = Text()
+        error_text.append("❌ ", style="bold red")
+        error_text.append("GIT NOT FOUND", style="bold red")
+        error_text.append("\n\n", style="white")
+        error_text.append("Git is not installed or not available in PATH.\n", style="white")
+        error_text.append("Please install Git to clone repositories.\n", style="white")
+
+        panel = Panel(
+            error_text,
+            title="[bold red]🛡️  STRIX CLONE ERROR",
+            title_align="center",
+            border_style="red",
+            padding=(1, 2),
+        )
+        console.print("\n")
+        console.print(panel)
+        console.print()
+        sys.exit(1)
+
+
+# Docker utilities
+def check_docker_connection() -> Any:
+    try:
+        return docker.from_env()
+    except DockerException:
+        console = Console()
+        error_text = Text()
+        error_text.append("❌ ", style="bold red")
+        error_text.append("DOCKER NOT AVAILABLE", style="bold red")
+        error_text.append("\n\n", style="white")
+        error_text.append("Cannot connect to Docker daemon.\n", style="white")
+        error_text.append("Please ensure Docker is installed and running.\n\n", style="white")
+        error_text.append("Try running: ", style="dim white")
+        error_text.append("sudo systemctl start docker", style="dim cyan")
+
+        panel = Panel(
+            error_text,
+            title="[bold red]🛡️  STRIX STARTUP ERROR",
+            title_align="center",
+            border_style="red",
+            padding=(1, 2),
+        )
+        console.print("\n", panel, "\n")
+        raise RuntimeError("Docker not available") from None
+
+
+def image_exists(client: Any, image_name: str) -> bool:
+    try:
+        client.images.get(image_name)
+    except ImageNotFound:
+        return False
+    else:
+        return True
+
+
+def update_layer_status(layers_info: dict[str, str], layer_id: str, layer_status: str) -> None:
+    if "Pull complete" in layer_status or "Already exists" in layer_status:
+        layers_info[layer_id] = "✓"
+    elif "Downloading" in layer_status:
+        layers_info[layer_id] = "↓"
+    elif "Extracting" in layer_status:
+        layers_info[layer_id] = "📦"
+    elif "Waiting" in layer_status:
+        layers_info[layer_id] = "⏳"
+    else:
+        layers_info[layer_id] = "•"
+
+
+def process_pull_line(
+    line: dict[str, Any], layers_info: dict[str, str], status: Any, last_update: str
+) -> str:
+    if "id" in line and "status" in line:
+        layer_id = line["id"]
+        update_layer_status(layers_info, layer_id, line["status"])
+
+        completed = sum(1 for v in layers_info.values() if v == "✓")
+        total = len(layers_info)
+
+        if total > 0:
+            update_msg = f"[bold cyan]Progress: {completed}/{total} layers complete"
+            if update_msg != last_update:
+                status.update(update_msg)
+                return update_msg
+
+    elif "status" in line and "id" not in line:
+        global_status = line["status"]
+        if "Pulling from" in global_status:
+            status.update("[bold cyan]Fetching image manifest...")
+        elif "Digest:" in global_status:
+            status.update("[bold cyan]Verifying image...")
+        elif "Status:" in global_status:
+            status.update("[bold cyan]Finalizing...")
+
+    return last_update
+
+
+# LLM utilities
+def validate_llm_response(response: Any) -> None:
+    if not response or not response.choices or not response.choices[0].message.content:
+        raise RuntimeError("Invalid response from LLM")

strix/runtime/docker_runtime.py

@@ -40,7 +40,7 @@ class DockerRuntime(AbstractRuntime):
 
     def _get_scan_id(self, agent_id: str) -> str:
         try:
-            from strix.cli.tracer import get_global_tracer
+            from strix.telemetry.tracer import get_global_tracer
 
             tracer = get_global_tracer()
             if tracer and tracer.scan_config:
@@ -250,7 +250,9 @@ class DockerRuntime(AbstractRuntime):
 
         time.sleep(5)
 
-    def _copy_local_directory_to_container(self, container: Container, local_path: str) -> None:
+    def _copy_local_directory_to_container(
+        self, container: Container, local_path: str, target_name: str | None = None
+    ) -> None:
         import tarfile
         from io import BytesIO
 
@@ -260,13 +262,20 @@ class DockerRuntime(AbstractRuntime):
                 logger.warning(f"Local path does not exist or is not directory: {local_path_obj}")
                 return
 
-            logger.info(f"Copying local directory {local_path_obj} to container")
+            if target_name:
+                logger.info(
+                    f"Copying local directory {local_path_obj} to container at "
+                    f"/workspace/{target_name}"
+                )
+            else:
+                logger.info(f"Copying local directory {local_path_obj} to container")
 
             tar_buffer = BytesIO()
             with tarfile.open(fileobj=tar_buffer, mode="w") as tar:
                 for item in local_path_obj.rglob("*"):
                     if item.is_file():
-                        arcname = item.relative_to(local_path_obj)
+                        rel_path = item.relative_to(local_path_obj)
+                        arcname = Path(target_name) / rel_path if target_name else rel_path
                         tar.add(item, arcname=arcname)
 
             tar_buffer.seek(0)
@@ -283,14 +292,26 @@ class DockerRuntime(AbstractRuntime):
             logger.exception("Failed to copy local directory to container")
 
     async def create_sandbox(
-        self, agent_id: str, existing_token: str | None = None, local_source_path: str | None = None
+        self,
+        agent_id: str,
+        existing_token: str | None = None,
+        local_sources: list[dict[str, str]] | None = None,
     ) -> SandboxInfo:
         scan_id = self._get_scan_id(agent_id)
         container = self._get_or_create_scan_container(scan_id)
 
         source_copied_key = f"_source_copied_{scan_id}"
-        if local_source_path and not hasattr(self, source_copied_key):
-            self._copy_local_directory_to_container(container, local_source_path)
+        if local_sources and not hasattr(self, source_copied_key):
+            for index, source in enumerate(local_sources, start=1):
+                source_path = source.get("source_path")
+                if not source_path:
+                    continue
+
+                target_name = source.get("workspace_subdir")
+                if not target_name:
+                    target_name = Path(source_path).name or f"target_{index}"
+
+                self._copy_local_directory_to_container(container, source_path, target_name)
             setattr(self, source_copied_key, True)
 
         container_id = container.id

strix/runtime/runtime.py

@@ -13,7 +13,10 @@ class SandboxInfo(TypedDict):
 class AbstractRuntime(ABC):
     @abstractmethod
     async def create_sandbox(
-        self, agent_id: str, existing_token: str | None = None, local_source_path: str | None = None
+        self,
+        agent_id: str,
+        existing_token: str | None = None,
+        local_sources: list[dict[str, str]] | None = None,
     ) -> SandboxInfo:
         raise NotImplementedError
 

strix/telemetry/__init__.py

@@ -0,0 +1,4 @@
+from .tracer import Tracer, get_global_tracer, set_global_tracer
+
+
+__all__ = ["Tracer", "get_global_tracer", "set_global_tracer"]

strix/{cli → telemetry}/tracer.py

@@ -1,10 +1,14 @@
 import logging
 from datetime import UTC, datetime
 from pathlib import Path
-from typing import Any, Optional
+from typing import TYPE_CHECKING, Any, Optional
 from uuid import uuid4
 
 
+if TYPE_CHECKING:
+    from collections.abc import Callable
+
+
 logger = logging.getLogger(__name__)
 
 _global_tracer: Optional["Tracer"] = None
@@ -40,14 +44,15 @@ class Tracer:
             "run_name": self.run_name,
             "start_time": self.start_time,
             "end_time": None,
-            "target": None,
-            "scan_type": None,
+            "targets": [],
             "status": "running",
         }
         self._run_dir: Path | None = None
         self._next_execution_id = 1
         self._next_message_id = 1
 
+        self.vulnerability_found_callback: Callable[[str, str, str, str], None] | None = None
+
     def set_run_name(self, run_name: str) -> None:
         self.run_name = run_name
         self.run_id = run_name
@@ -81,6 +86,12 @@ class Tracer:
 
         self.vulnerability_reports.append(report)
         logger.info(f"Added vulnerability report: {report_id} - {title}")
+
+        if self.vulnerability_found_callback:
+            self.vulnerability_found_callback(
+                report_id, title.strip(), content.strip(), severity.lower().strip()
+            )
+
         return report_id
 
     def set_final_scan_result(
@@ -181,8 +192,7 @@ class Tracer:
         self.scan_config = config
         self.run_metadata.update(
             {
-                "target": config.get("target", {}),
-                "scan_type": config.get("scan_type", "general"),
+                "targets": config.get("targets", []),
                 "user_instructions": config.get("user_instructions", ""),
                 "max_iterations": config.get("max_iterations", 200),
             }
@@ -194,14 +204,16 @@ class Tracer:
             self.end_time = datetime.now(UTC).isoformat()
 
             if self.final_scan_result:
-                scan_report_file = run_dir / "scan_report.md"
-                with scan_report_file.open("w", encoding="utf-8") as f:
-                    f.write("# Security Scan Report\n\n")
+                penetration_test_report_file = run_dir / "penetration_test_report.md"
+                with penetration_test_report_file.open("w", encoding="utf-8") as f:
+                    f.write("# Security Penetration Test Report\n\n")
                     f.write(
                         f"**Generated:** {datetime.now(UTC).strftime('%Y-%m-%d %H:%M:%S UTC')}\n\n"
                     )
                     f.write(f"{self.final_scan_result}\n")
-                logger.info(f"Saved final scan report to: {scan_report_file}")
+                logger.info(
+                    f"Saved final penetration test report to: {penetration_test_report_file}"
+                )
 
             if self.vulnerability_reports:
                 vuln_dir = run_dir / "vulnerabilities"

strix/tools/agents_graph/agents_graph_actions.py

@@ -228,15 +228,19 @@ def create_agent(
         from strix.agents.state import AgentState
         from strix.llm.config import LLMConfig
 
-        state = AgentState(task=task, agent_name=name, parent_id=parent_id, max_iterations=200)
+        state = AgentState(task=task, agent_name=name, parent_id=parent_id, max_iterations=300)
 
         llm_config = LLMConfig(prompt_modules=module_list)
-        agent = StrixAgent(
-            {
-                "llm_config": llm_config,
-                "state": state,
-            }
-        )
+
+        parent_agent = _agent_instances.get(parent_id)
+        agent_config = {
+            "llm_config": llm_config,
+            "state": state,
+        }
+        if parent_agent and hasattr(parent_agent, "non_interactive"):
+            agent_config["non_interactive"] = parent_agent.non_interactive
+
+        agent = StrixAgent(agent_config)
 
         inherited_messages = []
         if inherit_context:
@@ -487,7 +491,7 @@ def stop_agent(agent_id: str) -> dict[str, Any]:
         agent_node["status"] = "stopping"
 
         try:
-            from strix.cli.tracer import get_global_tracer
+            from strix.telemetry.tracer import get_global_tracer
 
             tracer = get_global_tracer()
             if tracer:
@@ -578,7 +582,7 @@ def wait_for_message(
             _agent_graph["nodes"][agent_id]["waiting_reason"] = reason
 
         try:
-            from strix.cli.tracer import get_global_tracer
+            from strix.telemetry.tracer import get_global_tracer
 
             tracer = get_global_tracer()
             if tracer:

strix/tools/executor.py

@@ -240,7 +240,7 @@ async def _execute_single_tool(
 
 def _get_tracer_and_agent_id(agent_state: Any | None) -> tuple[Any | None, str]:
     try:
-        from strix.cli.tracer import get_global_tracer
+        from strix.telemetry.tracer import get_global_tracer
 
         tracer = get_global_tracer()
         agent_id = agent_state.agent_id if agent_state else "unknown_agent"

strix/tools/finish/finish_actions.py

@@ -107,7 +107,7 @@ def _check_active_agents(agent_state: Any = None) -> dict[str, Any] | None:
 
 def _finalize_with_tracer(content: str, success: bool) -> dict[str, Any]:
     try:
-        from strix.cli.tracer import get_global_tracer
+        from strix.telemetry.tracer import get_global_tracer
 
         tracer = get_global_tracer()
         if tracer:

strix/tools/reporting/reporting_actions.py

@@ -27,7 +27,7 @@ def create_vulnerability_report(
         return {"success": False, "message": validation_error}
 
     try:
-        from strix.cli.tracer import get_global_tracer
+        from strix.telemetry.tracer import get_global_tracer
 
         tracer = get_global_tracer()
         if tracer: